Skip to main content
CVE-2024-49537 HIGH This Week

After Effects versions 24.6.2, 25.0.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE After Effects
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2024-49513 HIGH This Week

PDFL SDK versions 21.0.0.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Pdf Library Sdk
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-45156 HIGH This Week

Animate versions 23.0.8, 24.0.5 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference RCE Denial Of Service Animate
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-45155 HIGH This Week

Animate versions 23.0.8, 24.0.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Animate
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-49553 HIGH This Week

Media Encoder versions 25.0, 24.6.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Media Encoder
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-49552 HIGH This Week

Media Encoder versions 25.0, 24.6.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Media Encoder
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-49551 HIGH This Week

Media Encoder versions 25.0, 24.6.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Media Encoder
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-49530 HIGH This Week

Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Use After Free Memory Corruption RCE Denial Of Service +4
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-53919 HIGH This Week

An injection vulnerability in Barco ClickShare CX-30/20, C-5/10, and ClickShare Bar Pro and Core models, running firmware before 2.21.1, allows physically proximate attackers or local admins to the. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection
NVD
CVSS 3.1
7.6
EPSS
0.4%
CVE-2024-53246 HIGH This Week

In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.3.2408.101, 9.2.2406.106, 9.2.2403.111, and 9.1.2312.206, an SPL command can potentially. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Splunk Splunk Cloud Platform
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-54095 HIGH This Week

A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 10). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Integer Overflow Information Disclosure Solid Edge Se2024
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-54094 HIGH This Week

A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 5). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow Solid Edge Se2024
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-54093 HIGH This Week

A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 5). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow Solid Edge Se2024
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-54091 HIGH This Week

A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 12), Solid Edge SE2025 (All versions < V225.0 Update 3). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Memory Corruption Parasolid Solid Edge Se2024 Solid Edge Se2025
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-53242 HIGH This Week

A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All. Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Information Disclosure Teamcenter Visualization Tecnomatix Plant Simulation
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-53041 HIGH This Week

A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All. Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Stack Overflow Teamcenter Visualization Tecnomatix Plant Simulation
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-10959 HIGH This Week

The The Active Products Tables for WooCommerce. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection WordPress RCE
NVD
CVSS 3.1
7.3
EPSS
0.6%
CVE-2024-28138 HIGH This Week

An unauthenticated attacker with network access to the affected device's web interface can execute any system command via the "msg_events.php" script as the www-data user. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Command Injection
NVD
CVSS 3.1
7.3
EPSS
0.9%
CVE-2024-54008 HIGH This Week

An authenticated Remote Code Execution (RCE) vulnerability exists in the AirWave CLI. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2024-11773 HIGH This Week

SQL injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Ivanti Cloud Services Appliance
NVD
CVSS 3.1
7.2
EPSS
23.6%
CVE-2024-11772 HIGH This Week

Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Ivanti Cloud Services Appliance
NVD
CVSS 3.1
7.2
EPSS
7.7%
CVE-2024-11634 HIGH This Week

Command injection in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Ivanti Connect Secure Policy Secure
NVD
CVSS 3.1
7.2
EPSS
1.8%
CVE-2024-11633 HIGH This Week

Argument injection in Ivanti Connect Secure before version 22.7R2.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Ivanti Connect Secure
NVD
CVSS 3.1
7.2
EPSS
1.7%
CVE-2024-47946 HIGH This Week

If the attacker has access to a valid Poweruser session, remote code execution is possible because specially crafted valid PNG files with injected PHP content can be uploaded as desktop backgrounds. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE PHP File Upload
NVD
CVSS 3.1
7.2
EPSS
1.1%
CVE-2024-54197 HIGH This Week

SAP NetWeaver Administrator(System Overview) allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP requests. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF SAP
NVD
CVSS 3.1
7.2
EPSS
0.3%
CVE-2024-7572 HIGH This Week

Insufficient permissions in Ivanti DSM before version 2024.3.5740 allows a local authenticated attacker to delete arbitrary files. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ivanti Desktop Server Management
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2024-10256 HIGH This Week

Insufficient permissions in Ivanti Patch SDK before version 9.7.703 allows a local authenticated attacker to delete arbitrary files. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ivanti Endpoint Manager Neurons Agent Platform Neurons For Patch Management +3
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2024-52051 HIGH This Week

A vulnerability has been identified in SIMATIC S7-PLCSIM V17 (All versions), SIMATIC S7-PLCSIM V18 (All versions), SIMATIC STEP 7 Safety V17 (All versions < V17 Update 9), SIMATIC STEP 7 Safety V18. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.

RCE
NVD
CVSS 4.0
7.0
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy